Royal Road Analysis

IOB - Indicator of Behavior (175)

Language

  • en: 144
  • fr: 12
  • it: 6
  • de: 6
  • zh: 4

Country

  • us: 94
  • gb: 14
  • fr: 10
  • pl: 10
  • it: 8

Product

  • Microsoft Windows: 8
  • Apache HTTP Server: 6
  • WordPress: 4
  • ProFTPD: 4
  • Drobo 5N2 NAS: 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Mas | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | nginx privilege escalation | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.43 | 0.00241 | CVE-2020-12440 |
| 2 | MidiCart PHP Shopping Cart item_show.php SQL injection | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.05 | 0.00000 | |
| 3 | WordPress Private Post privilege escalation | 4.6 | 4.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00272 | CVE-2020-11028 |
| 4 | Apache HTTP Server mod_rewrite Redirect | 6.7 | 6.7 | $25k-$100k | $5k-$25k | Not Defined | Not Defined | 0.07 | 0.00258 | CVE-2020-1927 |
| 5 | ProFTPD mod_copy privilege escalation | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.94462 | CVE-2019-12815 |
| 6 | Microsoft Exchange Server Privilege Escalation | 8.5 | 7.6 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | 0.03563 | CVE-2021-26412 |
| 7 | Gempar Script Toko Online shop_display_products.php SQL injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.04 | 0.00100 | CVE-2009-0296 |
| 8 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.02 | 0.02016 | CVE-2007-1192 |
| 9 | Mihalism Multi Host users.php SQL injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.00 | 0.00152 | CVE-2008-0714 |
| 10 | Microsoft IIS cross-site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.08 | 0.00548 | CVE-2017-0055 |
| 11 | Mailman privilege escalation | 6.5 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00160 | CVE-2018-13796 |
| 12 | WordPress Thumbnail privilege escalation | 7.5 | 7.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.02 | 0.00990 | CVE-2018-1000773 |
| 13 | XenForo privilege escalation | 8.6 | 7.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.07 | 0.00000 | |
| 14 | DCP-Portal forums.php SQL injection | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00000 | |
| 15 | Ideal BB.NET forums.aspx cross-site scripting | 3.5 | 3.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.00000 | |
| 16 | logwatch logwatch.pl privilege escalation | 9.8 | 9.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.05151 | CVE-2011-1018 |
| 17 | OpenSSH Authentication Username information disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official Fix | 0.16 | 0.10737 | CVE-2016-6210 |
| 18 | Apache Shiro API directory traversal | 8.0 | 7.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.00071 | CVE-2023-34478 |
| 19 | Subversion svn+ssh:/ URL privilege escalation | 8.0 | 7.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.12851 | CVE-2017-9800 |
| 20 | Apache Subversion mod_authz_svn authenticated information disclosure | 5.3 | 4.6 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.02 | 0.00380 | CVE-2015-3184 |

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • Royal Road

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 138.68.133.211 | share.sawblade.org.uk | Royal Road | Royal Road | 22/12/2020 | verified | High |
| 2 | XXX.XXX.XX.XX | | Xxxxx Xxxx | Xxxxx Xxxx | 22/12/2020 | verified | High |
| 3 | XXX.XXX.XX.X | | Xxxxx Xxxx | Xxxxx Xxxx | 22/12/2020 | verified | High |
| 4 | XXX.XX.X.XXX | xxx.xx.x.xxx.xxxxx.xxx | Xxxxx Xxxx | Xxxxx Xxxx | 22/12/2020 | verified | Medium |

TTP - Tactics, Techniques, Procedures (15)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (92)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (2)

The following list contains external sources which discuss the actor and the associated activities:
